Quoting Kenneth Porter <[EMAIL PROTECTED]>:
> --On Thursday, September 27, 2007 7:05 PM +0200 Giampaolo Tomassoni
> <[EMAIL PROTECTED]> wrote:
>
> > The only problem is that a spammer could "query" it days before it will
> > bulk send, thereby impairing the effectiveness of such approach.
> >
> >
--On Thursday, September 27, 2007 7:05 PM +0200 Giampaolo Tomassoni
<[EMAIL PROTECTED]> wrote:
The only problem is that a spammer could "query" it days before it will
bulk send, thereby impairing the effectiveness of such approach.
I think we need some "official" data like the domain's creatio
> 2. As mentioned above the whois data is sometimes populated *after* the
> domains
> start appearing in spams. Remember that the whois data is still mostly batch
> processed once or twice a day. Many of the TLD zone files (where the DNS
> delegations actually come from) are updated in near real
Quoting Jonas Eckerman <[EMAIL PROTECTED]>:
> (The idea below is not mine, someone else (I'm sorry, but I
> forgot who) wrote about it here (I think) before.)
>
> Giampaolo Tomassoni wrote:
>
> > brand-new domains,
>
> Something that could work for this without the problems inherent
> in using who
> -Messaggio originale-
> Da: Jonas Eckerman [mailto:[EMAIL PROTECTED]
> Inviato: giovedì 27 settembre 2007 18.17
> A: users@spamassassin.apache.org
> Oggetto: New domains (was: URIWhois plugin)
>
> (The idea below is not mine, someone else (I'm sorry, but I
&g
(The idea below is not mine, someone else (I'm sorry, but I
forgot who) wrote about it here (I think) before.)
Giampaolo Tomassoni wrote:
brand-new domains,
Something that could work for this without the problems inherent
in using whois or registry databases is to simply check how long
ago
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
> How do they "handle these domains in a centralized way"? Do they simply
> relay a whois request for not-yet-seen domains? Because in this case they
> have to tune their whois parsers a bit: dob.sibl.support-intelligence.net,
> in example, reports
> -Messaggio originale-
> Da: Jeff Chan [mailto:[EMAIL PROTECTED]
>
> In principle, this is a good concept; using domain whois data to spot
> bad
> domains can be useful.
>
> In practice, it's a really, really, really bad idea since the public
> whois
> infrastructure is not designed for
Jeff Chan wrote:
In principle, this is a good concept; using domain whois data to spot bad
domains can be useful.
In practice, it's a really, really, really bad idea since the public whois
infrastructure is not designed for this kind of high volume use. If many
people did it, it would result
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
> Dears,
>
> well, I just did version 0.01 of the URIWhois plugin.
>
> Its purpose is mainly to detect some spam containing URIs to sites in
> brand-new domains, or having some conflict in whois and dns records, or
> b
Dears,
well, I just did version 0.01 of the URIWhois plugin.
Its purpose is mainly to detect some spam containing URIs to sites in
brand-new domains, or having some conflict in whois and dns records, or
being driven by specific dns servers.
So, it is meant to do something I believe someone else
11 matches
Mail list logo